The article discusses the recent discovery of an attack on more than 100 US companies by China since at least 2006. The attack was perpetrated by the Comment Crew and APT1, which is a part of Unit 61398. Unit 61398 is part of the People’s Liberation Army. The senior leaders of the Communist Party of China are said to have ordered China’s military to conduct these attacks. The victims of the attacks include security firm RSA, Coca-Cola and makers of equipment used in critical infrastructure systems. Specific industries were also attacked, including aerospace, high-tech electronics, transportation, financial services, satellite and telecommunications, chemical, energy, media and advertising, and food and agriculture. It is feared that the group was targeting critical infrastructure systems with the goal of planting malware to conduct sabotage. The goal of the attack appears to have been to embed malware into project files to infect the machines of key people, similar to the spread of Stuxnet. System breaches lasted from a few months to a few years. Stolen information includes technology blueprints, proprietary manufacturing processes, test results, business plans, pricing documents, partnership agreements, and emails and contact lists. The hackers sent aggressive spear phishing emails to breach systems.
Analysis:
Spear phishing occurs when a victim receives an email from a reputable-looking source. The email appears reputable because of its personal nature, but it is actually a very well designed attack. The email may contain a link that, once clicked, can infiltrate a computer or network with a virus or Trojan. The email might also ask for personal or confidential information, which the attacker can use to gain access to a computer or network. The companies attacked by China were breached using spear phishing attacks. These could have been easily avoided if employees had been trained thoroughly on spear phishing attacks. Many methods can be used to avoid spear phishing, including instructing employees not to click on any links in an email, contacting the sender of an email that asks for personal or confidential information, and training employees to report any suspicious-looking emails or data breaches.